From: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH 2/3] dropbear: Add configuration options for security features
Date: Wed, 18 Apr 2018 17:10:31 +0200 [thread overview]
Message-ID: <20180418171031.013dbdac@windsurf.numericable.fr> (raw)
In-Reply-To: <20180418142434.7268-2-stefan.sorensen@spectralink.com>
Hello,
On Wed, 18 Apr 2018 16:24:33 +0200, Stefan S?rensen wrote:
> The dropbear server provides no runtime configuration of ciphers, key
> exchange algorithms, etc., but must rather be configured compile time.
> With no configurability the default settings will be use which may not
> be desired in all scenearios.
>
> These new options allow the selection of
> Ciphers (AES128, AES256, 3DES, BLowfish, Twofish128, Twofish256)
> Cipher modes (CBC, CTR)
> Integrity algorithms (SHA1, SHA1-96, SHA2-256, SHA2-512, MD5)
> Key exchange algorithms (RSA, DSS, ECDSA, Curve25519, ECDH)
> Authenticaton types (Password, Pubkey)
>
> No defaults are changed.
>
> Signed-off-by: Stefan S?rensen <stefan.sorensen@spectralink.com>
We received PATCH 2/3 and 3/3, but not 1/3. Was it sent ? Is it a
mistake ?
> +config BR2_PACKAGE_DROPBEAR_CIPHER_BLOWFISH
> + bool "Blowfish"
> + default y if !BR2_PACKAGE_DROPBEAR_SMALL
No need for a tab before the "if".
Is it possible to enable this option even if
BR2_PACKAGE_DROPBEAR_SMALL=y ? I.e, does it build ?
> +menu "Dropbear authenticaton types"
authentication
Did you do a pass with ./utils/check-package on package/dropbear/*
after doing those changes ?
Thanks,
Thomas
--
Thomas Petazzoni, CTO, Bootlin (formerly Free Electrons)
Embedded Linux and Kernel engineering
https://bootlin.com
next prev parent reply other threads:[~2018-04-18 15:10 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-18 14:24 [Buildroot] [PATCH 1/3] dropbear: Use macro to set options Stefan Sørensen
2018-04-18 14:24 ` [Buildroot] [PATCH 2/3] dropbear: Add configuration options for security features Stefan Sørensen
2018-04-18 15:10 ` Thomas Petazzoni [this message]
2018-04-19 7:50 ` Sørensen, Stefan
2018-04-18 21:58 ` Arnout Vandecappelle
2018-04-19 7:57 ` Sørensen, Stefan
2018-04-18 14:24 ` [Buildroot] [PATCH 3/3] dropbear: Disable insecure options Stefan Sørensen
2018-04-18 15:11 ` Thomas Petazzoni
2018-04-20 3:45 ` [Buildroot] [PATCH 1/3] dropbear: Use macro to set options François Perrad
2018-04-28 15:51 ` Thomas Petazzoni
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180418171031.013dbdac@windsurf.numericable.fr \
--to=thomas.petazzoni@bootlin.com \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox